OSPF on standby ASA

Answered Question
Nov 7th, 2008

Hi, I have ASA 5520 configured in Active/standby mode. These boxes are connected to two Cisco 3800 series routers. The OSPF is configured here to auto divert the traffic on these routers.

On my Active box the ospf is working fine. But at the same time my standby box is unable to establish ospf neighbourship.

Does it possible to have same ospf on both standby and Active boxes?

Kindly suggest.

ThankX in advance.

Correct Answer by Jon Marshall about 8 years 3 months ago

From the 7.2 confiiguration guide

Dynamic Routing and Failover

Dynamic routes are not replicated to the standby unit or failover group in a failover configuration. Therefore, immediately after a failover occurs, some packets received by the security appliance may be dropped because of a lack of routing information or routed to a default static route while the routing table is repopulated by the configured dynamic routing protocols.

Full link -

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/ip.html

Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Jon Marshall Fri, 11/07/2008 - 07:48

You will not see OSPF information on the standby unit until there is a failover to the standby unit and then OSPF will reconverge.

There will obviously be a delay when failing over so you may want to change the OSPF timers to reduce the amount of failover time.

Jon

rakesh.thale Sun, 11/09/2008 - 20:01

Jon, Thankx for the valuable reply.

Can I have a reference document for the same.

Thanks again in advance.

Correct Answer
Jon Marshall Mon, 11/10/2008 - 00:13

From the 7.2 confiiguration guide

Dynamic Routing and Failover

Dynamic routes are not replicated to the standby unit or failover group in a failover configuration. Therefore, immediately after a failover occurs, some packets received by the security appliance may be dropped because of a lack of routing information or routed to a default static route while the routing table is repopulated by the configured dynamic routing protocols.

Full link -

http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/ip.html

Jon

Actions

This Discussion